HackTheBox - Gobox

SSTI in Golang, abuse S3 bucket, and NGINX backdoor

HackTheBox - TheNotebook

Abusing JWT key identifier and breaking out of a Docker container

HackTheBox - Spectra

Getting password from automatic login script of ChromeOS

HackTheBox - Passage

USBCreator LPE on Linux

HackTheBox - Worker

Learn how Azure Pipelines can be abused

HackTheBox - Buff

Tunneling with Chisel to deliver a buffer overflow exploit

HackTheBox - SneakyMailer

Example of a phishing attack and PyPI package exploitation

HackTheBox - Bucket

Pentesting against simulated AWS S3 Bucket

HackTheBox - Magic

SQLi for login bypass and embed webshell to an image file

HackTheBox - OpenAdmin

Exploiting OpenNetAdmin vulnerability and sudo nano